How China could crash Europe’s energy grid and what the EU can do about it
How China could crash Europe’s energy grid and what the EU can do about it
How China could crash Europe’s energy grid and what the EU can do about it | ECFR
...
Today, Chinese companies control more than 220 gigawatts of Europe’s installed solar capacity via inverters—the digital brains that convert direct current into grid-usable alternating current. These (usually) remotely programmable computers generate data, receive software and firmware updates, adjust voltage and frequency, and can be switched on and off as needed—or tampered with. Huawei (deemed “high risk” for many European telecoms networks) has become Europe’s largest supplier of inverters.
In normal times, inverters maintain grid stability and facilitate the integration of renewable energy. In a world where technology can be weaponised, they also offer a handful of operators potential levers inside Europe’s critical infrastructure. The irony is that clean technologies disperse energy generation across countless sites, but the digital centralisation of their data and control on cloud platforms makes them more vulnerable to attack.
In effect, while European dependence on solar panels from China may not be the most risky of dependencies, the EU’s energy grid backbone increasingly runs on Chinese hardware, software and data access. European countries need to spend hundreds of billions of euros over the coming years to upgrade their ageing grid, and China is well-placed to extend this dominant inverter supplier position into other power equipment, including transmission lines, distribution transformers and software for managing grid integration. Beijing has already shown that it will use dependencies as geoeconomic weapons, from rare earths to automotive chips. Europe’s grid could be next.
...
There’s no shortage of ways inverters can be turned into weapons. State-linked actors could deploy malware that cripples the power system and knocks out critical services. Espionage teams might map the grid to help pinpoint the best places to disconnect for maximum impact. Cyber attacks on operating systems could plunge wide areas into darkness for weeks.
There are also geoeconomic threats. Imagine China restricted the sale of components and maintenance services to its grid technologies. European countries would not be able to simply switch to a different supplier, because switching often requires replacing large parts of the network, leaving operators unable to patch known flaws and thereby inviting more cyber attacks or extortion.
...
How to secure the European grid
- Exclude high-risk vendors from the EU, e.g., the Cybersecurity Act, as well as the Cyber Resilience Act, could therefore offer the Commission another pathway to enforce Union-wide bans on risky products and services
- Condition funding on exclusions, e.g., conditioning EU funding for renewable energy projects and auctions on the exclusion of hardware and software from high-risk suppliers
- Tighten economic security measures, e.g., protecting domestic manufacturers by launching trade defence investigations (anti-dumping) into imported inverters and other power grid equipment
- Prevent circumvention and strengthen oversight, e.g., making sure that member states EU regulations by outsourcing operational control functions of inverters to (shell) companies in high-risk countries
- Promote trust standards among allies, e.g., encouraging its member states to adopt similar trust standards for their energy grid
...